6/28/25, 2:10
PM
CEH V10 SYSTEM HACKING EXAM QUESTIONS AND
ANSWERS WITH COMPLETE SOLUTIONS LATEST UPDATE
2025 GRADED A++
Terms in this set (144)
The process of accumulating data regarding a specific network
environment.
In the this phase, the attacker creates a profile of the
target organization, obtaining information such as its IP
address range, namespace, and employees.
Footprinting
This eases the process of system hacking by revealing its
vulnerabilities. For example, the organization's website
may provide employee bios or a personnel
directory, which the hacker can use it for social
engineering purposes. Conducting a Whois query on
the web can provide information about the
associated networks and domain names related to a
specific organization.
The procedure for identifying active hosts, open ports,
and unnecessary services enabled on particular
hosts.
Attackers use different types of scanning, such as port
scanning, network scanning, and vulnerability scanning
Scanning of target networks or systems, which help in identifying
possible vulnerabilities.
1/38
,6/28/25, 2:10
PM
Scanning procedures such as port scanning and
ping sweep return information about the services
offered by the live hosts that are active on the Internet,
and their IP addresses.
2/38
,6/28/25, 2:10
PM
This is a method of intrusive probing, through which
attackers gather information such as network user lists,
routing tables, security flaws, and Simple Network
Management Protocol (SNMP) data.
This is significant, because the attacker ranges over the
target territory to glean information about the network,
and shared users, groups, applications, and banners.
Enumeration
This involves making active connections to the target
system or subjecting it to direct queries. Normally, an
alert and secure system will log such attempts.
Often, the information gathered is publicly available
anyway, such as a DNS address; however, it is possible
that the attacker might stumble upon a remote IPC
share, such as IPC$ in Windows, that can be probed with
a null session, thus allowing shares and accounts to
be enumerated
The Windows operating system uses Windows
Escalate privileges in the application compatibility framework called Shim to
Windows operating system provide compatibility between the older and newer
versions of Windows. An attacker can use these shims
to perform different attacks such as disabling Windows
defender, privilege escalation, installing backdoors, and
so on.
This access controls determine the access controls
taken by any possessor of an object in order to decide
the access controls of the subjects on those
objects.
Discretionary Access Control
(DAC) The other name for this is a need-to-know access
model. It permits the user, who is granted access to
information, to decide how to protect the
3/38
, 6/28/25, 2:10
PM
information and the level of sharing desired. Access to
files is restricted to users and groups based upon their
identity and the groups to which the users belong.
Gain Access- Once attackers succeed in gaining access
to the system, they are free to perform malicious
activities such as stealing sensitive data, implementing
a sniffer to capture network traffic, and infecting the
system with malware.
-At this stage, attackers use techniques such as
password cracking and social engineering tactics
to gain access to the target system.
Escalating Privileges- After gaining access to a system
using a low-privileged normal user account, attackers
may then try to increase their administrator privileges
to perform protected system operations, so that
they can proceed to the next level of the system
hacking phase: to execute applications. Attackers
exploit known system vulnerabilities to escalate user
privileges
System Hacking Goals Executing apps-Once attackers have administrator
privileges, they attempt to install malicious programs
such as Trojans, Backdoors, Rootkits, and Keyloggers,
which grant them remote system access, thereby
enabling them to execute malicious codes remotely.
-Installing Rootkits allows them to gain access at the
operating system level to perform malicious activities.
To maintain access for use at a later date, they may
install Backdoors.
Hiding files- root kits (Lives in Kernal below OS where
anitvirus software doesn't scan), steganography
-Attackers use Rootkits and steganography techniques
4/38
PM
CEH V10 SYSTEM HACKING EXAM QUESTIONS AND
ANSWERS WITH COMPLETE SOLUTIONS LATEST UPDATE
2025 GRADED A++
Terms in this set (144)
The process of accumulating data regarding a specific network
environment.
In the this phase, the attacker creates a profile of the
target organization, obtaining information such as its IP
address range, namespace, and employees.
Footprinting
This eases the process of system hacking by revealing its
vulnerabilities. For example, the organization's website
may provide employee bios or a personnel
directory, which the hacker can use it for social
engineering purposes. Conducting a Whois query on
the web can provide information about the
associated networks and domain names related to a
specific organization.
The procedure for identifying active hosts, open ports,
and unnecessary services enabled on particular
hosts.
Attackers use different types of scanning, such as port
scanning, network scanning, and vulnerability scanning
Scanning of target networks or systems, which help in identifying
possible vulnerabilities.
1/38
,6/28/25, 2:10
PM
Scanning procedures such as port scanning and
ping sweep return information about the services
offered by the live hosts that are active on the Internet,
and their IP addresses.
2/38
,6/28/25, 2:10
PM
This is a method of intrusive probing, through which
attackers gather information such as network user lists,
routing tables, security flaws, and Simple Network
Management Protocol (SNMP) data.
This is significant, because the attacker ranges over the
target territory to glean information about the network,
and shared users, groups, applications, and banners.
Enumeration
This involves making active connections to the target
system or subjecting it to direct queries. Normally, an
alert and secure system will log such attempts.
Often, the information gathered is publicly available
anyway, such as a DNS address; however, it is possible
that the attacker might stumble upon a remote IPC
share, such as IPC$ in Windows, that can be probed with
a null session, thus allowing shares and accounts to
be enumerated
The Windows operating system uses Windows
Escalate privileges in the application compatibility framework called Shim to
Windows operating system provide compatibility between the older and newer
versions of Windows. An attacker can use these shims
to perform different attacks such as disabling Windows
defender, privilege escalation, installing backdoors, and
so on.
This access controls determine the access controls
taken by any possessor of an object in order to decide
the access controls of the subjects on those
objects.
Discretionary Access Control
(DAC) The other name for this is a need-to-know access
model. It permits the user, who is granted access to
information, to decide how to protect the
3/38
, 6/28/25, 2:10
PM
information and the level of sharing desired. Access to
files is restricted to users and groups based upon their
identity and the groups to which the users belong.
Gain Access- Once attackers succeed in gaining access
to the system, they are free to perform malicious
activities such as stealing sensitive data, implementing
a sniffer to capture network traffic, and infecting the
system with malware.
-At this stage, attackers use techniques such as
password cracking and social engineering tactics
to gain access to the target system.
Escalating Privileges- After gaining access to a system
using a low-privileged normal user account, attackers
may then try to increase their administrator privileges
to perform protected system operations, so that
they can proceed to the next level of the system
hacking phase: to execute applications. Attackers
exploit known system vulnerabilities to escalate user
privileges
System Hacking Goals Executing apps-Once attackers have administrator
privileges, they attempt to install malicious programs
such as Trojans, Backdoors, Rootkits, and Keyloggers,
which grant them remote system access, thereby
enabling them to execute malicious codes remotely.
-Installing Rootkits allows them to gain access at the
operating system level to perform malicious activities.
To maintain access for use at a later date, they may
install Backdoors.
Hiding files- root kits (Lives in Kernal below OS where
anitvirus software doesn't scan), steganography
-Attackers use Rootkits and steganography techniques
4/38
